[bind10-dev] [sprint planning] estimate result discussion for sprint ending 2013-03-19

Francis Dupont fdupont at isc.org
Mon Mar 4 22:15:24 UTC 2013


> > #2822 (remove dependecies to OpenSSL, use Botan instead)
> > 
> > As someone else also suggested, perhaps it should be the other way
> > around (which, tbh, seems easier)
> 
> I would prefer no botan and use openssl instead.  OpenSSl is much more
> common on systems than Botan, so it would be one less thing for the end
> customer to fight with as a pre-req.

=> IMHO it is an illusion: Botan is better written (easy if you look
at inside OpenSSL) and is in C++. OpenSSL is faster (mostly because
critical stuff is written in assembly) and more common but at
the expense of the performance (i.e., you can't really optimize
a generic package) and some features miss on popular Linuxes
(no ECC because of patent FUD), so anyway one will have to recompile
something and Botan will become again a better solution.

If one wants to switch to another crypto, please comment my PKCS#11
idea.

Regards

Francis Dupont <fdupont at isc.org>


More information about the bind10-dev mailing list